Microsoft Defender for Office 365 Licensing for Shared Mailboxes: A Critical Clarification
In this blog, we’re going to address a crucial aspect of Microsoft’s licensing requirements that has often been overlooked – Microsoft Defender for Office 365 licensing used for shared mailboxes. We recently confirmed that Microsoft does, in fact, require clients to license Shared Mailboxes with Defender for Office 365 licensing if the mailbox receives mail.
What is Microsoft Defender for 365?
Microsoft 365 Defender is a robust, cloud-based filtering service that offers:
- Enhanced spam protection for e-mail messages
- Harmful URL checking for E-mail, Teams, and SharePoint
- Attachment scanning (virus, malware, etc.) for E-mail, Teams and SharePoint
This particular service has been especially powerful against phishing attacks because it sits directly in front of Microsoft’s services and prevents users from accessing dangerous content. It can be used for regular and shared mailboxes.
Check our blog page here to know why your business should have Microsoft Defender for Office 365.
Following the Defender for Office 365 best practices is crucial to protecting digital assets and protecting your organization’s integrity. Using advanced features like threat protection alongside email and collaboration security significantly enhances your protection.
Properly configuring Defender for Office 365, customizing security policies, training employees, and maintaining constant monitoring ensure staying ahead of evolving cyber threats. Avoiding common threats such as phishing and security loopholes in cloud applications helps minimize the risk of security incidents and ensures the integrity and availability of our data.
Clarifying the Licensing Requirement
Although this isn’t a new policy from Microsoft, it’s become apparent that many businesses were not aware of the licensing requirements around shared mailboxes.
Primarily because shared mailboxes typically require absolutely no licensing and are free to use.
For shared mailboxes that receive email, a Defender for Office 365 license is a must, per Microsoft’s licensing terms. This is not merely a recommended measure but a compulsory one aimed at promoting optimal security in our shared digital spaces.
For those who utilize shared mailboxes that do not receive email, you should remove the email address from the shared mailbox, removing its ability to receive inbound e-mail. This will allow you to continue accessing the existing data from the former employee or department and eliminate the need to license the shared mailbox.
You can visit Microsoft’s Service Description page here for a more in-depth look at these licensing terms.
The Way Forward
Adhering to Microsoft’s licensing requirements can often be complex, but it’s important to remain compliant, especially when it comes to security services that protect against human error. We recognize that Microsoft’s requirements can be challenging, especially for businesses that rely on shared mailboxes.
SIRKit is here to help. If you are a Managed IT partner and your licensing is not compliant, our Proactive Team can offer advice and build a plan to address any gaps.